VDB
DEBIAN-CVE-2016-9962
DEBIAN-CVE-2016-9962
PUBLISHED
CVSS 6.400000095367432 MEDIUM
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
Risk Scores
CVSS v3.0
6.400000095367432
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | docker.io | 0, 0, 0 |
| Debian:12 | runc | 0, 0, 0 |
| Debian:13 | docker.io | 0, 0, 0 |
| Debian:11 | runc | 0, 0, 0 |
| Debian:11 | docker.io | 0, 0, 0 |
| Debian:13 | runc | 0, 0, 0 |
| Debian:14 | docker.io | 0, 0, 0 |
| Debian:14 | runc | 0, 0, 0 |
Timeline
- Jan 31, 2017 CVE Published
- Apr 28, 2026 CVE Updated